It’s difficult to prepare for the unknown and at this point Brexit and what it will look like definitely sits in that territory. When it comes to GDPR and what impact Brexit will have there can’t be a definitive guidance for businesses until we know the path the UK will take for sure. One thing is certain though….businesses will need to continue to comply.
When the UK leaves the EU, EU GDPR will no longer be UK law, however the government plans to write GDPR into UK law with the necessary changes to tailor its provisions for the UK (the UK GDPR). So in short, even if you are operating solely in the UK, your business will still be accountable for protecting the privacy rights of individuals.
For any business offering goods or services or transferring data to individuals outside of the UK, you should be mindful that upon leaving the EU, the UK will become a third country. You will need to make some provisions and review existing safeguards to ensure that you can continue once we are outside of the EU.
These are the certainties if we leave the EU, but how quickly they will impact you will depend on whether we leave with or without a deal. In short there will be no transition period if we leave with no deal.
Businesses who will continue to offer goods and services in the EU should be thinking now about what they might need to do should that happen. There are some simple steps you can take now to prepare so start by asking some key questions now and being ready to respond.